CWE:
 

Topic
Date
Author
Med.
inoERP 0.6.1 CSRF / XSS / SQL Injection
28.03.2017
foxmole
Med.
Tour Package Booking 1.0 SQL Injection
28.03.2017
Ihsan Sencan
Med.
Delux Same Day Delivery Script 1.0 SQL Injection
28.03.2017
Ihsan Sencan
Med.
CouponPHP CMS 3.1 SQL Injection
28.03.2017
Ihsan Sencan
Med.
Just Another Video Script 1.4.3 SQL Injection
28.03.2017
Ihsan Sencan
Med.
Parcel Delivery Booking Script 1.0 SQL Injection
28.03.2017
Ihsan Sencan
Med.
Adult Tube Video Script SQL Injection
28.03.2017
Ihsan Sencan
Med.
Hotel Booking Script 1.0 SQL Injection
28.03.2017
Ihsan Sencan
Med.
B2B Marketplace Script 2.0 SQL Injection
28.03.2017
Ihsan Sencan
Med.
Courier Tracking Software 6.0 SQL Injection
28.03.2017
Ihsan Sencan
Med.
Alibaba Clone Script SQL Injection
28.03.2017
Ihsan Sencan
Med.
PHP Real Estate Property Script SQL Injection
28.03.2017
Ihsan Sencan
Med.
Professional Bus Booking Script SQL Injection
28.03.2017
Ihsan Sencan
Med.
EON 5.0 SQL Injection
24.03.2017
Nicolas SERRA
Med.
Gr8 Tutorial Script SQL Injection
24.03.2017
Ihsan Sencan
Med.
Gr8 Gallery Script SQL Injection
24.03.2017
Ihsan Sencan
Med.
Joomla FocalPoint 1.2.3 SQL Injection
24.03.2017
Persian Hack Team
Med.
Bonza Digital Cart Script 1 SQL Injection
24.03.2017
Bilal KARDADOU
Med.
Membership Site Script 1 SQL Injection
24.03.2017
Bilal KARDADOU
Med.
Joomla Component FocalPoint 1.2.3 - SQL Injection
23.03.2017
Persian Hack Team
Med.
Joomla Extra Search 2.2.8 SQL Injection
22.03.2017
Ihsan Sencan
Med.
GLink Word Link Script 1.2.3 SQL Injection
22.03.2017
Ihsan Sencan
Med.
Joomla JooCart 2.x SQL Injection
21.03.2017
Ihsan Sencan
Med.
Omegle Clone SQL Injection
20.03.2017
Ihsan Sencan
Med.
iFdate Social Dating Script 2.0 SQL Injection
20.03.2017
Ihsan Sencan
Med.
Joomla jCart For OpenCart 2.0 SQL Injection
20.03.2017
Ihsan Sencan
Med.
Secure Download Links SQL Injection
20.03.2017
Ihsan Sencan
Med.
phplist 3.2.6 SQL Injection
20.03.2017
Tim Coen
Med.
Steam Profile Integration 2.0.11 SQL Injection
18.03.2017
DrWhat
Med.
Joomla Vik Appointments 1.5 SQL Injection
16.03.2017
Ihsan Sencan
Med.
Joomla Vik Rent Car 1.11 SQL Injection
16.03.2017
Ihsan Sencan
Med.
Joomla Vik Rent Items 1.3 SQL Injection
16.03.2017
Ihsan Sencan
Med.
Joomla Advertisement Board 3.0.4 SQL Injection
15.03.2017
Ihsan Sencan
Med.
Joomla Simple Membership 3.3.3 SQL Injection
15.03.2017
Ihsan Sencan
Med.
Car Workshop System SQL Injection
14.03.2017
Ihsan Sencan
Med.
Joomla ALFContact 3.2.3 SQL Injection
14.03.2017
Persian Hack Team
Med.
Joomla com_kide Component 'view' Parameter Sql Injection Vulnerability
13.03.2017
Amir
Med.
Travel Tours Script 2.0 SQL Injection
13.03.2017
Ihsan Sencan
Med.
Property Listing Script 3.1 SQL Injection
13.03.2017
Ihsan Sencan
Med.
Pet Listing Script 3.0 SQL Injection
13.03.2017
Ihsan Sencan
Med.
Domain Marketplace Script SQL Injection
13.03.2017
Ihsan Sencan
Med.
Vanelo Wanelo Clone SQL Injection
13.03.2017
Ihsan Sencan
Med.
Yacht Listing Script 2.0 SQL Injection
13.03.2017
Ihsan Sencan
Med.
Mirage Fancy Clone SQL Injection
13.03.2017
Ihsan Sencan
Med.
PHP Forum Script 3.0 SQL Injection
13.03.2017
Ihsan Sencan
Med.
Yellow Pages Script 3.2 SQL Injection
13.03.2017
Ihsan Sencan
Med.
Global In SQL Injection
13.03.2017
Ihsan Sencan
Med.
Kinsey's Infor-Lawson SQL Injection
12.03.2017
Michael Benich
Med.
e107 2.1.4 Blind SQL Injection
12.03.2017
staker
Med.
IN ADMIN PANEL SQL injection Vulnerability
11.03.2017
xBADGIRL21
Med.
Joomla com_product 2.2 SQL injection Vulnerability
11.03.2017
xBADGIRL21
Med.
Navetti PricePoint 4.6.0.0 XSS / CSRF / SQL Injection
10.03.2017
W. Schober
Med.
ICAutosales 1.2 SQL Injection
10.03.2017
Bilal KARDADOU
Med.
WordPress PICA Photo Gallery 1.0 SQL Injection
10.03.2017
Ihsan Sencan
High
iBaseCMS 1.23 SQL Injection / File Upload
09.03.2017
Bilal KARDADOU
Med.
Mini CMS 1.1 SQL Injection
08.03.2017
Ihsan Sencan
Med.
Daily Deals Script 1.0 SQL Injection
08.03.2017
Ihsan Sencan
Med.
Job Portal Script 3.0 Cross Site Scripting / SQL Injection
08.03.2017
Bilal KARDADOU
Med.
Groupon Clone Script 3.01 SQL Injection
06.03.2017
Ihsan Sencan
Med.
Redbus Clone Script 3.05 SQL Injection
06.03.2017
Ihsan Sencan
Med.
Yellow Pages Clone 1.3.4 SQL Injection
06.03.2017
Ihsan Sencan
Med.
Online Cinema And Event Booking Script 2.01 SQL Injection
06.03.2017
Ihsan Sencan
Med.
MLM Forex Market Plan Script 2.0.1 SQL Injection
06.03.2017
Ihsan Sencan
Med.
MLM Binary Plan Script 2.0.5 SQL Injection
06.03.2017
Ihsan Sencan
Med.
Naukri Clone Script 3.02 SQL Injection
06.03.2017
Ihsan Sencan
Med.
Matrimonial Script 3.0 SQL Injection
06.03.2017
Ihsan Sencan
Med.
Advanced Matrimonial Script 2.0.3 SQL Injection
06.03.2017
Ihsan Sencan
Med.
Network Community Script 3.0.2 SQL Injection
06.03.2017
Ihsan Sencan
Med.
Select Your College Script 2.01 SQL Injection
06.03.2017
Ihsan Sencan
Med.
PHP Classifieds Rental Script 3.6.0 SQL Injection
06.03.2017
Ihsan Sencan
Med.
MLM Membership Plan Script 2.0.5 SQL Injection
06.03.2017
Ihsan Sencan
Med.
Entrepreneur B2B Script 2.0.4 SQL Injection
06.03.2017
Ihsan Sencan
Med.
Multireligion Responsive Matrimonial Script 4.7.1 SQL Injection
06.03.2017
Ihsan Sencan
Med.
MLM Forced Matrix 2.0.7 SQL Injection
06.03.2017
Ihsan Sencan
Med.
Joomla Abstract 2.1 SQL Injection
04.03.2017
Ihsan Sencan
Med.
Joomla Guesser 1.0.4 SQL Injection
04.03.2017
Ihsan Sencan
Med.
Joomla Recipe Manager 2.2 SQL Injection
04.03.2017
Ihsan Sencan
Med.
Joomla StreetGuessr Game 1.0 SQL Injection
04.03.2017
Ihsan Sencan
Med.
PHP Classified OLX Clone Script SQL Injection
03.03.2017
Ihsan Sencan
Med.
Rage Faces Script 1.3 SQL Injection
03.03.2017
Ihsan Sencan
Med.
Meme Maker Script 2.1 SQL Injection
03.03.2017
Ihsan Sencan
Med.
Joomla com_jdownloads Component - 'cid' Parameter Sql Injection Vulnerability
02.03.2017
IrIsT.Ir
Med.
Joomla com_webgrouper Component - 'Itemid' Parameter Sql Injection Vulnerability
02.03.2017
IrIsT.Ir
Med.
Joomla com_frontpage Component 'Itemid' Parameter Sql Injection Vulnerability
01.03.2017
IrIsT.Ir
Med.
Joomla com_filecabinet Component 'id' Parameter Sql Injection Vulnerability
01.03.2017
IrIsT.Ir
Med.
Joomla com_phocadownload Component 'id' Parameter Sql Injection Vulnerability
01.03.2017
IrIsT.Ir
Med.
Joomla Spinner 360 1.3.0 SQL Injection
28.02.2017
Ihsan Sencan
Med.
WordPress Kama Click Counter 3.4.9 SQL Injection
28.02.2017
Manuel GarcAa CA!rdena...
Med.
Joomla com_remository Component 'id' Parameter Sql Injection Vulnerability
27.02.2017
IrIsT.Ir
Med.
Joomla com_k2 Component 'id' Parameter Sql Injection Vulnerability
27.02.2017
IrIsT.Ir
Med.
Joomla com_onlinejudge Component - 'Itemid' Parameter Sql Injection Vulnerability
27.02.2017
IrIsT.Ir
Med.
Joomla com_fsf Component 'catid' Parameter Sql Injection Vulnerability
27.02.2017
IrIsT.Ir
Med.
Joomla GPS Tools 4.0.1 SQL Injection
25.02.2017
Ihsan Sencan
Med.
Joomla AJAX Search For K2 2.2 SQL Injection
25.02.2017
Ihsan Sencan
Med.
Joomla Community Surveys 4.3 SQL Injection
25.02.2017
Ihsan Sencan
Med.
Joomla Community Quiz 4.3.5 SQL Injection
25.02.2017
Ihsan Sencan
Med.
Joomla JO Facebook Gallery 4.5 SQL Injection
25.02.2017
Ihsan Sencan
Med.
Joomla Community Polls 4.5.0 SQL Injection
25.02.2017
Ihsan Sencan
Med.
Joomla JooDatabase 3.1.0 SQL Injection
25.02.2017
Ihsan Sencan
Med.
Joomla Intranet Attendance Track 2.6.5 SQL Injection
25.02.2017
Ihsan Sencan


CVEMAP Search Results

CVE
Details
Description
2015-02-20
Medium
CVE-2015-1517

Vendor: Piwigo
Software: Piwigo
 

 
SQL injection vulnerability in Piwigo before 2.7.4, when all filters are activated, allows remote authenticated users to execute arbitrary SQL commands via the filter_level parameter in a "Refresh photo set" action in the batch_manager page to admin.php.

 
2015-02-17
Medium
CVE-2015-1616

Vendor: Mcafee
Software: Data loss pr...
 

 
SQL injection vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated ePO users to execute arbitrary SQL commands via unspecified vectors.

 
2015-02-16
Medium
CVE-2015-1434

Vendor: Mylittleforum
Software: My little forum
 

 
Multiple SQL injection vulnerabilities in my little forum before 2.3.4 allow remote administrators to execute arbitrary SQL commands via the (1) letter parameter in a user action or (2) edit_category parameter to index.php.

 
2015-02-12
Medium
CVE-2015-1471

Vendor: Pragyan cms project
Software: Pragyan cms
 

 
SQL injection vulnerability in userprofile.lib.php in Pragyan CMS 3.0 allows remote attackers to execute arbitrary SQL commands via the user parameter to the default URI.

 
2015-02-11
Medium
CVE-2015-1576

Vendor: YUBA
Software: U5cms
 

 
Multiple SQL injection vulnerabilities in u5CMS before 3.9.4 allow remote attackers to execute arbitrary SQL commands via the name parameter to (1) copy2.php, (2) localize.php, (3) metai.php, (4) nc.php, (5) new2.php, or (6) rename2.php in u5admin/; (7) c parameter to u5admin/editor.php; (8) typ parameter to u5admin/meta2.php; or (9) newname parameter to u5admin/rename2.php.

 
2015-02-06
Medium
CVE-2015-1442

Vendor: AAS9
Software: Zerocms
 

 
SQL injection vulnerability in views/zero_transact_user.php in the administrative backend in ZeroCMS 1.3.3, 1.3.2, and earlier allows remote authenticated users to execute arbitrary SQL commands via the user_id parameter in a Modify Account action. NOTE: The article_id parameter to zero_view_article.php vector is already covered by CVE-2014-4034.

 
Medium
CVE-2015-1467

Vendor: Fork-cms
Software: Fork cms
 

 
Multiple SQL injection vulnerabilities in Translations in Fork CMS before 3.8.6 allow remote authenticated users to execute arbitrary SQL commands via the (1) language[] or (2) type[] parameter to private/en/locale/index.

 
Medium
CVE-2015-1513

Vendor: Siphon
Software: Siphone ente...
 

 
SQL injection vulnerability in SIPhone Enterprise PBX allows remote attackers to execute arbitrary SQL commands via the Username.

 
Medium
CVE-2015-1514

Vendor: Fancyfon
Software: Famoc
 

 
Multiple SQL injection vulnerabilities in FancyFon FAMOC before 3.17.4 allow (1) remote attackers to execute arbitrary SQL commands via the device ID REST parameter (PATH_INFO) to /ajax.php or (2) remote authenticated users to execute arbitrary SQL commands via the order parameter to index.php.

 
2015-02-04
Medium
CVE-2014-7864

Vendor: Zohocorp
Software: Manageengine...
 

 
Multiple SQL injection vulnerabilities in the FailOverHelperServlet (aka FailServlet) servlet in ZOHO ManageEngine OpManager 8 through 11.5 build 11400 and IT360 10.5 and earlier allow remote attackers and remote authenticated users to execute arbitrary SQL commands via the (1) customerName or (2) serverRole parameter in a standbyUpdateInCentral operation to servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet.

 

 


Copyright 2017, cxsecurity.com